lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20210204072516.GC17757@xsang-OptiPlex-9020>
Date:   Thu, 4 Feb 2021 15:25:17 +0800
From:   kernel test robot <oliver.sang@...el.com>
To:     Christian König 
        <ckoenig.leichtzumerken@...il.com>
Cc:     0day robot <lkp@...el.com>,
        Christian König <christian.koenig@....com>,
        LKML <linux-kernel@...r.kernel.org>, lkp@...ts.01.org,
        mojha@...eaurora.org, jkosina@...e.cz, cezary.rojewski@...el.com,
        neilb@...e.com, b00073877@....edu,
        andriy.shevchenko@...ux.intel.com
Subject: [list]  b9dc2e0952: WARNING:at_lib/list_debug.c:#__list_add_valid


Greeting,

FYI, we noticed the following commit (built with gcc-9):

commit: b9dc2e095274fa65d5b96231bb121a4e4616b5d6 ("list: add more extensive double add check")
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git Christian-K-nig/list-add-more-extensive-double-add-check/20210201-215918


in testcase: locktorture
version: 
with following parameters:

	runtime: 300s
	test: cpuhotplug

test-description: This torture test consists of creating a number of kernel threads which acquire the lock and hold it for specific amount of time, thus simulating different critical region behaviors.
test-url: https://www.kernel.org/doc/Documentation/locking/locktorture.txt


on test machine: qemu-system-i386 -enable-kvm -cpu SandyBridge -smp 2 -m 8G

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):


+-------------------------------------------------------------+------------+------------+
|                                                             | 4826dea261 | b9dc2e0952 |
+-------------------------------------------------------------+------------+------------+
| WARNING:at_lib/list_debug.c:#__list_add_valid               | 0          | 12         |
| EIP:__list_add_valid                                        | 0          | 12         |
+-------------------------------------------------------------+------------+------------+


If you fix the issue, kindly add following tag
Reported-by: kernel test robot <oliver.sang@...el.com>


[  106.277211] WARNING: CPU: 1 PID: 218 at lib/list_debug.c:36 __list_add_valid (kbuild/src/consumer/lib/list_debug.c:36 (discriminator 5)) 
[  106.278116] Modules linked in:
[  106.278458] CPU: 1 PID: 218 Comm: kunit_try_catch Tainted: G        W         5.11.0-rc3-00219-gb9dc2e095274 #1
[  106.279527] EIP: __list_add_valid (kbuild/src/consumer/lib/list_debug.c:36 (discriminator 5)) 
[ 106.280000] Code: da 51 52 56 68 d0 c8 ed 4b 83 05 88 18 06 4d 01 83 15 8c 18 06 4d 00 e8 4d 31 25 01 83 05 90 18 06 4d 01 83 15 94 18 06 4d 00 <0f> 0b 83 05 98 18 06 4d 01 83 15 9c 18 06 4d 00 83 c4 10 31 c0 e9
All code
========
   0:	da 51 52             	ficoml 0x52(%rcx)
   3:	56                   	push   %rsi
   4:	68 d0 c8 ed 4b       	pushq  $0x4bedc8d0
   9:	83 05 88 18 06 4d 01 	addl   $0x1,0x4d061888(%rip)        # 0x4d061898
  10:	83 15 8c 18 06 4d 00 	adcl   $0x0,0x4d06188c(%rip)        # 0x4d0618a3
  17:	e8 4d 31 25 01       	callq  0x1253169
  1c:	83 05 90 18 06 4d 01 	addl   $0x1,0x4d061890(%rip)        # 0x4d0618b3
  23:	83 15 94 18 06 4d 00 	adcl   $0x0,0x4d061894(%rip)        # 0x4d0618be
  2a:*	0f 0b                	ud2    		<-- trapping instruction
  2c:	83 05 98 18 06 4d 01 	addl   $0x1,0x4d061898(%rip)        # 0x4d0618cb
  33:	83 15 9c 18 06 4d 00 	adcl   $0x0,0x4d06189c(%rip)        # 0x4d0618d6
  3a:	83 c4 10             	add    $0x10,%esp
  3d:	31 c0                	xor    %eax,%eax
  3f:	e9                   	.byte 0xe9

Code starting with the faulting instruction
===========================================
   0:	0f 0b                	ud2    
   2:	83 05 98 18 06 4d 01 	addl   $0x1,0x4d061898(%rip)        # 0x4d0618a1
   9:	83 15 9c 18 06 4d 00 	adcl   $0x0,0x4d06189c(%rip)        # 0x4d0618ac
  10:	83 c4 10             	add    $0x10,%esp
  13:	31 c0                	xor    %eax,%eax
  15:	e9                   	.byte 0xe9
[  106.282024] EAX: 00000040 EBX: becf7f01 ECX: 00000000 EDX: ffffffff
[  106.282698] ESI: becf7f08 EDI: 00000003 EBP: becf7ed8 ESP: becf7eb8
[  106.283362] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068 EFLAGS: 00010246
[  106.284059] CR0: 80050033 CR2: 00000000 CR3: 0cb60000 CR4: 000406f0
[  106.284729] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[  106.285406] DR6: fffe0ff0 DR7: 00000400
[  106.285797] Call Trace:
[  106.286060] __list_add (kbuild/src/consumer/include/linux/list.h:79) 
[  106.286419] list_add_tail (kbuild/src/consumer/include/linux/list.h:112) 
[  106.286804] list_test_list_double_add (kbuild/src/consumer/lib/list-test.c:720) 
[  106.287292] ? find_held_lock (kbuild/src/consumer/kernel/locking/lockdep.c:4935) 
[  106.287702] ? __kthread_parkme (kbuild/src/consumer/arch/x86/include/asm/bitops.h:207 kbuild/src/consumer/include/asm-generic/bitops/instrumented-non-atomic.h:135 kbuild/src/consumer/kernel/kthread.c:222) 
[  106.288112] ? lock_release (kbuild/src/consumer/kernel/locking/lockdep.c:5120 kbuild/src/consumer/kernel/locking/lockdep.c:5457) 
[  106.288542] kunit_try_run_case (kbuild/src/consumer/lib/kunit/test.c:242 kbuild/src/consumer/lib/kunit/test.c:285) 
[  106.288995] ? kunit_catch_run_case (kbuild/src/consumer/lib/kunit/test.c:270) 
[  106.289458] kunit_generic_run_threadfn_adapter (kbuild/src/consumer/lib/kunit/try-catch.c:30) 
[  106.290035] kthread (kbuild/src/consumer/kernel/kthread.c:292) 
[  106.290393] ? kunit_ptr_not_err_assert_format (kbuild/src/consumer/lib/kunit/try-catch.c:25) 
[  106.290966] ? list_del_init (kbuild/src/consumer/arch/x86/events/intel/uncore.c:1349) 
[  106.291413] ret_from_fork (kbuild/src/consumer/arch/x86/entry/entry_32.S:856) 
[  106.291812] ---[ end trace 45c83c6d92ae08ff ]---
[  106.292406]     ok 37 - list_test_list_double_add
[  106.292416] kunit_try_catch (218) used greatest stack depth: 6748 bytes left
[  106.292420] ok 9 - list-kunit-test
[  106.310005] Freeing unused kernel image (initmem) memory: 1580K
[  106.311600] Write protecting kernel text and read-only data: 37892k
[  106.312308] NX-protecting the kernel data: 24708k
[  106.321393] Run /init as init process
[  106.321862]   with arguments:
[  106.322185]     /init
[  106.322439]   with environment:
[  106.322785]     HOME=/
[  106.323048]     TERM=linux
[  106.323345]     user=lkp
[  106.323627]     job=/lkp/jobs/scheduled/vm-snb-i386-120/locktorture-300s-cpuhotplug-debian-i386-20191205.cgz-b9dc2e095274fa65d5b96231bb121a4e4616b5d6-20210203-5969-yuy83m-3.yaml
[  106.325290]     ARCH=i386
[  106.325570]     kconfig=i386-randconfig-a002-20210202
[  106.326097]     branch=linux-review/Christian-K-nig/list-add-more-extensive-double-add-check/20210201-215918
[  106.327103]     commit=b9dc2e095274fa65d5b96231bb121a4e4616b5d6
[  106.327767]     BOOT_IMAGE=/pkg/linux/i386-randconfig-a002-20210202/gcc-9/b9dc2e095274fa65d5b96231bb121a4e4616b5d6/vmlinuz-5.11.0-rc3-00219-gb9dc2e095274
[  106.329186]     max_uptime=2100
[  106.329527]     RESULT_ROOT=/result/locktorture/300s-cpuhotplug/vm-snb-i386/debian-i386-20191205.cgz/i386-randconfig-a002-20210202/gcc-9/b9dc2e095274fa65d5b96231bb121a4e4616b5d6/3
[  106.331227]     LKP_SERVER=internal-lkp-server
[  106.331718]     selinux=0
[  106.332016]     softlockup_panic=1
[  106.332398]     prompt_ramdisk=0
[  106.332732]     vga=normal
[  106.372270] systemd[1]: RTC configured in localtime, applying delta of 0 minutes to system time.
[  106.413240] random: systemd: uninitialized urandom read (16 bytes read)

Welcome to Debian GNU/Linux 9 (stretch)!

[  106.566125] random: systemd: uninitialized urandom read (16 bytes read)
[  106.635196] random: systemd-cryptse: uninitialized urandom read (16 bytes read)
[  OK  ] Listening on Syslog Socket.
[  OK  ] Started Dispatch Password Requests to Console Directory Watch.
[  OK  ] Created slice System Slice.
Mounting RPC Pipe File System...
[  OK  ] Started Forward Password Requests to Wall Directory Watch.
[  OK  ] Listening on /dev/initctl Compatibility Named Pipe.
[  OK  ] Listening on udev Control Socket.
[  OK  ] Reached target Paths.
[  OK  ] Listening on Journal Socket (/dev/log).
[  OK  ] Created slice User and Session Slice.
[  OK  ] Reached target Slices.
[  OK  ] Reached target Encrypted Volumes.
[  OK  ] Created slice system-getty.slice.
[  OK  ] Listening on udev Kernel Socket.
[  OK  ] Reached target Swap.
[  OK  ] Listening on Journal Socket.
Starting Load Kernel Modules...
Starting Remount Root and Kernel File Systems...
Starting Create Static Device Nodes in /dev...
Starting Journal Service...
Mounting Debug File System...
[  OK  ] Listening on RPCbind Server Activation Socket.
[  OK  ] Mounted RPC Pipe File System.
[  OK  ] Started Load Kernel Modules.
[  OK  ] Started Remount Root and Kernel File Systems.
[  OK  ] Started Create Static Device Nodes in /dev.
[  OK  ] Mounted Debug File System.
Starting udev Kernel Device Manager...
Starting Load/Save Random Seed...
[  OK  ] Reached target Local File Systems (Pre).
[  OK  ] Reached target Local File Systems.
Starting Preprocess NFS configuration...
Starting udev Coldplug all Devices...
Starting Apply Kernel Variables...
Mounting Configuration File System...
[  OK  ] Started udev Kernel Device Manager.
[  OK  ] Started Load/Save Random Seed.
[  OK  ] Started Preprocess NFS configuration.
[  OK  ] Reached target NFS client services.
[  OK  ] Started Apply Kernel Variables.
Starting Raise network interfaces...
[  OK  ] Mounted Configuration File System.
[  107.714356] ip (263) used greatest stack depth: 6516 bytes left
[  108.208565] systemctl (279) used greatest stack depth: 6404 bytes left
[  OK  ] Started Raise network interfaces.
[  OK  ] Reached target Network.
[  OK  ] Reached target Network is Online.
[  OK  ] Started Journal Service.
Starting Flush Journal to Persistent Storage...
[  OK  ] Started Flush Journal to Persistent Storage.
Starting Create Volatile Files and Directories...
[  OK  ] Started Create Volatile Files and Directories.
Starting RPC bind portmap service...
Starting Network Time Synchronization...
Starting Update UTMP about System Boot/Shutdown...
[  OK  ] Started RPC bind portmap service.
[  OK  ] Reached target Remote File Systems (Pre).
[  OK  ] Reached target Remote File Systems.
[  OK  ] Reached target RPC Port Mapper.
[  OK  ] Started Update UTMP about System Boot/Shutdown.
[  OK  ] Started Network Time Synchronization.
[  OK  ] Reached target System Time Synchronized.
[  OK  ] Started udev Coldplug all Devices.
[  OK  ] Reached target System Initialization.
[  OK  ] Started Daily apt download activities.
[  OK  ] Started Daily apt upgrade and clean activities.
[  118.549503] random: fast init done



To reproduce:

        # build kernel
	cd linux
	cp config-5.11.0-rc3-00219-gb9dc2e095274 .config
	make HOSTCC=gcc-9 CC=gcc-9 ARCH=i386 olddefconfig prepare modules_prepare bzImage modules
	make HOSTCC=gcc-9 CC=gcc-9 ARCH=i386 INSTALL_MOD_PATH=<mod-install-dir> modules_install
	cd <mod-install-dir>
	find lib/ | cpio -o -H newc --quiet | gzip > modules.cgz


        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> -m modules.cgz job-script # job-script is attached in this email



Thanks,
Oliver Sang


View attachment "config-5.11.0-rc3-00219-gb9dc2e095274" of type "text/plain" (148665 bytes)

View attachment "job-script" of type "text/plain" (4578 bytes)

Download attachment "dmesg.xz" of type "application/x-xz" (20076 bytes)

View attachment "locktorture" of type "text/plain" (3967 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ